CVE-2017-7938

MEDIUM

DMitry 1.3a - Stack-based Buffer Overflow via Long Argument

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-7938. PoCs published by FarazPajohan.

AI-analyzed exploit summary This exploit demonstrates a local stack buffer overflow in DMitry 1.3a (Unix) via a long argument, leading to a denial of service (DoS) or potential arbitrary code execution. The PoC uses a simple Python command to generate a long string of 'A's to trigger the overflow.

Description

Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname strings found in local log files.

Exploits (1)

exploitdb WORKING POC VERIFIED
by FarazPajohan · textdoslinux
https://www.exploit-db.com/exploits/41898

This exploit demonstrates a local stack buffer overflow in DMitry 1.3a (Unix) via a long argument, leading to a denial of service (DoS) or potential arbitrary code execution. The PoC uses a simple Python command to generate a long string of 'A's to trigger the overflow.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: DMitry (Deepmagic Information Gathering Tool) 1.3a (Unix)
No auth needed
Prerequisites: Local access to the system where DMitry is installed · Ability to execute commands
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Scores

CVSS v3 6.6
EPSS 0.0499
EPSS Percentile 91.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-119
Status published
Products (1)
mor-pah.net/dmitry_deepmagic_information_gathering_tool 1.3a
Published Apr 20, 2017
Tracked Since Feb 18, 2026